It is an answer to a DNS query to list all DNS information (such as Name Servers, host names, MX records, CNAME records, glue records (delegation for child Domains), zone serial number, Time To Live (TTL) records, etc) for a Domain. The query can be made from a single host to look up information for the entire Domain. It is also the mechanism Primary and Secondary Name Servers use to update its DNS data. This is one of the vulnerable points where a malicious person can compromise DNS data integrity.

Why are DNS zone transfers a security issue?

The default behavior for DNS zone transfer permits any host to request and receive a full zone transfer for a Domain. This is a security issue since DNS data can be used to decipher the topology of a company’s network. The information obtained can be used for malicious exploitation such as DNS poisoning/spoofing. This is like an anonymous person calling the receptionist to request and receive the entire company’s telephone and address book.

___ has the least amount of problems when inspecting encrypted traffic?

anti-virus

___ specifies a set of consistent requirements for a workstation or a server.

configuration baseline

What is a difficult security concern to detect, when contractors enter a secure area?

copying sensitive information with a cell phone

What would stop the “log-in box” from appearing for one of your web-based applications, after you get a browser upgrade?

the pop-up blocker may not trust that website

What devices will protect your network from attacks launched from a business-to-business intranet?

NIPS and firewall

Penetration testing should only be used ___.

with written permission

___ overwrites the return address within a program to execute malicious code.

buffer overflow

___ algorithms are associated with the “signing” of email messages.

PGP

If you want to collect information about attackers and attempted methods of gaining access to the internal network, you should use ___.

a honey pot

___ is/are used to demonstrate a weakness in a system, and then provide documentation on the weakness.

penetration tests

A hash is a unique number that is based on the file’s contents and ___.

should be verified after download

When assigning permissions, should “least privilege” or “Role Based” be applied to enable a person to do their job tasks?

least privilege

___ can be used to encrypt FTP or telnet credentials over the wire.

SSH

TACACS is different from RADIUS because TACACS separates ___ capabilities.

authentication, authorization, and auditing

Does a “service pack” or a “patch rollup” include several patches from the same vendor for several different applications?

service pack

Does the account lockout “duration” or “threshold” set an account to lockout for 30 minutes after the maximum number of attempts have failed?

account lockout duration

___ can be used to institute a tunneling protocol for security?

IPSec

___ improves security in a wireless system.

MAC filtering, which is where an access point can be configured to accept connections only from certain hardware MAC addresses.

What tool is best for monitoring changes to the approved system baseline?

enterprise performance monitoring software

Is an iris scanner or a retina scanner better?

retina scanner

What can be implemented to assure that system abuse by administrators does not go undetected in the logs?

separation of duties

What’s it called when you have multiple web servers fed from a load balancer?

redundant servers

Does NIDS require signature updates to be effective?

yes

Concerning AH “authentication headers”, the authentication information is a ___ based on ___.

keyed hash based on all the bytes in the packet

Is “identity proofing” part of authentication or part of identification?

identification

Is it an example of RAID, when you have multiple web servers fed from a load balancer?

No, it’s redundant servers

Does a “firewall” or “NIDS” require signature updates?

NIDS

Which is a stronger hashing algorithm: NTLM or NTLMv2?

NTLMv2

What is the “key word” in this question: “Security templates are used for which of the following, etc?

“security” is the key word, NOT “templates”

Social engineering, password cracking, and vulnerability exploitation are examples of ___.

penetration testing

What can detect malicious traffic patterns inside the network originating between client workstations?